api.gettyimages.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0c:5f:1e:0a:1c:c7:df:e7:b7:33:3d:90:fb:d9:e5:5a was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=api.gettyimages.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:5f:1e:0a:1c:c7:df:e7:b7:33:3d:90:fb:d9:e5:5aSerial Number (int): 16444613424456747667537672941130605914
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: fd:f7:74:00:b8:3b:1a:80:2a:32:e8:b3:ee:03:70:43:c7:3d:7a:0a
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 38:80:fe:08:7a:61:98:52:17:a9:87:92:b5:5b:4b:c2:73:2c:8b:4d
Fingerprint (sha256): 88:bd:39:7b:6e:a9:a6:ac:1d:b6:07:d0:8c:d7:37:1e:c6:a1:b0:da:34:1d:e2:28:a9:cd:61:41:f5:11:3c:34
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate api.gettyimages.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api.gettyimages.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.gettyimages.com
gateway-api.prod.getty1.net
connect.gettyimages.com
gateway-api.prod.getty1.net
connect.gettyimages.com
Other certificates including the domain name gettyimages.com
(limited to 100 certificates)
api-us-east-1.nd.nudatasecurity.com
*.gettyimages.com
embed.gettyimages.com
labs.gettyimages.com
k3.shared.global.fastly.net
foto.gettyimages.com
www.labs.gettyimages.com
embed-cdn.gettyimages.com
ews.gettyimages.com
embed-cdn.gettyimages.com
k3.shared.global.fastly.net
studio.gettyimages.com
ceros3.map.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
firstdata.gettyimages.com
smetrics.gettyimages.com
brookfield.gettyimages.com
mmpart.gettyimages.com
apply.gettyimages.com
sitemaps.gettyimages.com
labs.gettyimages.com
stories.gettyimages.com
k3.shared.global.fastly.net
workbench.gettyimages.com
api-prod.vizual.ai
mixer.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
workbench.gettyimages.com
services.gettyimages.com
hexion.gettyimages.com
mixer.gettyimages.com
*.dam.gettyimages.com
*.pinterestceros.com
k3.shared.global.fastly.net
view.ceros.com
developers.gettyimages.com
ceros3.map.fastly.net
remotetest.gettyimages.com
k3.shared.global.fastly.net
nd-ga.gettyimages.com
customcontent.gettyimages.com
esp.gettyimages.com
k3.shared.global.fastly.net
ceros.map.fastly.net
k3.shared.global.fastly.net
studioportfolios.gettyimages.com
legacycreative.gettyimages.com
servicestest.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
briefs-middleware.custom-content.usw2.prod-getty.cloud
k3.shared.global.fastly.net
events.gettyimages.com
www.gettyimages.com
licensecompliance.gettyimages.com
labs.gettyimages.com
mm.gettyimages.com
foto.gettyimages.com
communityassignments.gettyimages.com
stg-mm.lower-getty.cloud
k3.shared.global.fastly.net
stg-in.lower-getty.cloud
delivery.stage-gettyimages.com
services.gettyimages.com
copyrightcompliance.gettyimages.com
damhelp.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
ceros3.map.fastly.net
api-us-east-1.nd.nudatasecurity.com
k3.shared.global.fastly.net
communityassignments.gettyimages.com
essilormediamanager.gettyimages.com
mmx.gettyimages.com
view.ceros.com
www.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
mmpart.gettyimages.com
yearinfocus.gettyimages.com
secondary-prod-mm.prod-getty.cloud
affiliates.gettyimages.com
pdn.gettyimages.com
joinus.gettyimages.com
media.gettyimages.com
fashion.gettyimages.com
ceros3.map.fastly.net
unisys.gettyimages.com
ceros3.map.fastly.net
ceros3.map.fastly.net
k3.shared.global.fastly.net
api-us-east-1.nd.nudatasecurity.com
firstpartycookie.gettyimages.com
*.pinterestceros.com
mmx.gettyimages.com
k3.shared.global.fastly.net
*.gettyimages.com
embed.gettyimages.com
labs.gettyimages.com
k3.shared.global.fastly.net
foto.gettyimages.com
www.labs.gettyimages.com
embed-cdn.gettyimages.com
ews.gettyimages.com
embed-cdn.gettyimages.com
k3.shared.global.fastly.net
studio.gettyimages.com
ceros3.map.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
firstdata.gettyimages.com
smetrics.gettyimages.com
brookfield.gettyimages.com
mmpart.gettyimages.com
apply.gettyimages.com
sitemaps.gettyimages.com
labs.gettyimages.com
stories.gettyimages.com
k3.shared.global.fastly.net
workbench.gettyimages.com
api-prod.vizual.ai
mixer.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
workbench.gettyimages.com
services.gettyimages.com
hexion.gettyimages.com
mixer.gettyimages.com
*.dam.gettyimages.com
*.pinterestceros.com
k3.shared.global.fastly.net
view.ceros.com
developers.gettyimages.com
ceros3.map.fastly.net
remotetest.gettyimages.com
k3.shared.global.fastly.net
nd-ga.gettyimages.com
customcontent.gettyimages.com
esp.gettyimages.com
k3.shared.global.fastly.net
ceros.map.fastly.net
k3.shared.global.fastly.net
studioportfolios.gettyimages.com
legacycreative.gettyimages.com
servicestest.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
briefs-middleware.custom-content.usw2.prod-getty.cloud
k3.shared.global.fastly.net
events.gettyimages.com
www.gettyimages.com
licensecompliance.gettyimages.com
labs.gettyimages.com
mm.gettyimages.com
foto.gettyimages.com
communityassignments.gettyimages.com
stg-mm.lower-getty.cloud
k3.shared.global.fastly.net
stg-in.lower-getty.cloud
delivery.stage-gettyimages.com
services.gettyimages.com
copyrightcompliance.gettyimages.com
damhelp.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
ceros3.map.fastly.net
api-us-east-1.nd.nudatasecurity.com
k3.shared.global.fastly.net
communityassignments.gettyimages.com
essilormediamanager.gettyimages.com
mmx.gettyimages.com
view.ceros.com
www.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
mmpart.gettyimages.com
yearinfocus.gettyimages.com
secondary-prod-mm.prod-getty.cloud
affiliates.gettyimages.com
pdn.gettyimages.com
joinus.gettyimages.com
media.gettyimages.com
fashion.gettyimages.com
ceros3.map.fastly.net
unisys.gettyimages.com
ceros3.map.fastly.net
ceros3.map.fastly.net
k3.shared.global.fastly.net
api-us-east-1.nd.nudatasecurity.com
firstpartycookie.gettyimages.com
*.pinterestceros.com
mmx.gettyimages.com
k3.shared.global.fastly.net
Certificate
The complete raw certificate details for api.gettyimages.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGFDCCBPygAwIBAgIQDF8eChzH3+e3Mz2Q+9nlWjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjAyMTgwMDAwMDBaFw0yMzAzMTky MzU5NTlaMB4xHDAaBgNVBAMTE2FwaS5nZXR0eWltYWdlcy5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnYK00abFF4EncoLwK38bE2uLJUJSyH3a7 MAhGYy/eK6y2AoEgme8+LEOxuwGPwXj+FpL5MiQEisI4o66YB2EkQEV7hFyGz16Z 7wgO/JRS9SnyFXP46+FJSna/aeKrTBp5tX3peZx7k5GtDNhMgKjWzOD5wj3oYnV7 Le82faMyLKTVG+iMAfJSA3bb9pFlfiW9V72Uky/wsVrVd+Igv+LGVA6r2HeMAA6J daa9XQhKIhypTZuosNKxz3o5VQ6vBGpdubd4ntOoB2urebruZGCEEhIA5a380zRL Q3t2i6v0L5x2v5DHbzstSAa2tnvoJy3/ivNMi8eeVe/e/CMsLpOrAgMBAAGjggMk MIIDIDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU /fd0ALg7GoAqMuiz7gNwQ8c9egowVAYDVR0RBE0wS4ITYXBpLmdldHR5aW1hZ2Vz LmNvbYIbZ2F0ZXdheS1hcGkucHJvZC5nZXR0eTEubmV0ghdjb25uZWN0LmdldHR5 aW1hZ2VzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwuc2NhMWIuYW1h em9udHJ1c3QuY29tL3NjYTFiLTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUG CCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1h em9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpv bnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkC BAIEggFuBIIBagFoAHYArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooA AAF/Cv5V+wAABAMARzBFAiEA870QKKRBjkdLbNs4DTkR3UToxvpGtrp3usK8MHYl FasCIE3/HIYM1aGnvXywyZSp3jAQJCilHVaN0jOcqV9oLudkAHYANc8ZG7+xbFe/ D61MbULLu7YnICZR6j/hKu+oA8M71kwAAAF/Cv5VzwAABAMARzBFAiEAyTCOL+hu Tvg5aybemSFkoUPD3of/Pyh8PGwdXukTk+cCIH0ev0VuyoaPmm+6/7wnzrLEAg9h CkwD4a5vKUbA/ypHAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoA AAF/Cv5WDQAABAMARzBFAiBnDEz4Py7/seskkblJhwNgDqytrjwxZ4O7KbDIurVM UgIhAOjBDPZmw/oScvf0eppEGsTth/sJ9bUQa4zD//Ajk4AQMA0GCSqGSIb3DQEB CwUAA4IBAQBZNF1nV1n82nDKe3gsjaRLcbVFZVcPsLzTmHKh3KXHhbvRmTMGhtEk Y9tJeOY3EhsfULiTpngxVMIBiduRcCGn35s5rWxalCnJUIAT2h84dYwY4REHBtto K8NF4QPsCJL3lJpoHVdSCaS1UuoS1yDa2xMGLKr1Tnd8wD181bz6b9UK+y8zrghY 0Fuyrv6XYM0ps0yX6hJihycIVg8SX5yLdKKEpL3hmNz4+RUASsgJAH/MZvhtlbqy No39a29g27CXXtq951i6vxYVzjMKcDqjLLG5gMAw5P8fD9+GCGrIE/kct4pJzNY2 QHRbemfBiuF/vQkoTYVZAmq+K3fkycBq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CtNGmxReBJ3KC8Ct/G xNriyVCUsh92uzAIRmMv3iustgKBIJnvPixDsbsBj8F4/haS+TIkBIrCOKOumAdh JEBFe4Rchs9eme8IDvyUUvUp8hVz+OvhSUp2v2niq0waebV96Xmce5ORrQzYTICo 1szg+cI96GJ1ey3vNn2jMiyk1RvojAHyUgN22/aRZX4lvVe9lJMv8LFa1XfiIL/i xlQOq9h3jAAOiXWmvV0ISiIcqU2bqLDSsc96OVUOrwRqXbm3eJ7TqAdrq3m67mRg hBISAOWt/NM0S0N7dour9C+cdr+Qx287LUgGtrZ76Cct/4rzTIvHnlXv3vwjLC6T qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16444613424456747667537672941130605914 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-19 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.gettyimages.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21129469928223240981399336165942470765842229375914964535192385186436198258207000901009542685690096112772162830589107154687179689317271700106494170312006842444716834953286948968002122023783579008114738391292679720411403970289562623214494413203790803398249338298643772944938866373198522359879168305024392629587339953261412521339093685152443959092931278405124915197732505249196577524063864182542964401721117515676223614521596298402232363845832474448006062732289432766610539258600939645893532311209852361233930787096364235548557585426655994317898533406485741196580612822360803952053642919200041973727168788672939002074027 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fdf77400b83b1a802a32e8b3ee037043c73d7a0a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.gettyimages.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gateway-api.prod.getty1.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'connect.gettyimages.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017f0afe55fb0000040300473045022100f3bd1028a4418e474b6cdb380d3911dd44e8c6fa46b6ba77bac2bc30762515ab02204dff1c860cd5a1a7bd7cb0c994a9de30102428a51d568dd2339ca95f682ee76400760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017f0afe55cf0000040300473045022100c9308e2fe86e4ef8396b26de992164a143c3de87ff3f287c3c6c1d5ee91393e702207d1ebf456eca868f9a6fbaffbc27ceb2c4020f610a4c03e1ae6f2946c0ff2a47007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017f0afe560d00000403004730450220670c4cf83f2effb1eb2491b9498703600eacadae3c316783bb29b0c8bab54c52022100e8c10cf666c3fa1272f7f47a9a441ac4ed87fb09f5b5106b8cc3fff023938010 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0059345d675759fcda70ca7b782c8da44b71b54565570fb0bcd39872a1dca5c785bbd199330686d12463db4978e637121b1f50b893a6783154c20189db917021a7df9b39ad6c5a9429c9508013da1f38758c18e1110706db682bc345e103ec0892f7949a681d575209a4b552ea12d720dadb13062caaf54e777cc03d7cd5bcfa6fd50afb2f33ae0858d05bb2aefe9760cd29b34c97ea1262872708560f125f9c8b74a284a4bde198dcf8f915004ac809007fcc66f86d95bab2368dfd6b6f60dbb0975edabde758babf1615ce330a703aa32cb1b980c030e4ff1f0fdf86086ac813f91cb78a49ccd63640745b7a67c18ae17fbd09284d8559026abe2b77e4c9c06a